1.0.3 fails to verify RSA signature, 1.0.2 is OK

[Johan Wevers]

You, Keith Owens, wrote:

> The signature verifies using gnupg 1.0.2 and load-extension rsaref.
> It does not verify using stock gnupg 1.0.3, with or without rsaref.

Why do you use the rsaref module instead of the normal rsa module, which is
already integrated in gpg 1.0.3?

Maybe this comment from the rsaref.c source applies:

 RSAREF is limited in key size and in the coding of the encrypted data.
 Everything that passes through RSAREF must be coded in PCKS #1. The
 GPG module interface places no such restriction on the module itself,
 but fortunately it happens to pass PCKS #1 coded data in. It is
 transparently decoded and recoded as necessary.

-- 
ir. J.C.A. Wevers         //  Physics and science fiction site:
johanw@vulcan.xs4all.nl   //  http://www.xs4all.nl/~johanw/index.html
PGP/GPG public keys at http://www.xs4all.nl/~johanw/pgpkeys.html

-- 
Archive is at http://lists.gnupg.org - Unsubscribe by sending mail
with a subject of  "unsubscribe"  to gnupg-users-request@gnupg.org